Details of VAR-200610-0173

ID

VAR-200610-0173

CVE

CVE-2006-5393

TITLE

CSD Vulnerable to reading certain memory pages

Trust: 0.8

sources: JVNDB: JVNDB-2006-001400

DESCRIPTION

Cisco Secure Desktop (CSD) does not require that the ClearPageFileAtShutdown (aka CCE-Winv2.0-407) registry value equals 1, which might allow local users to read certain memory pages that were written during another user's SSL VPN session. Cisco Secure Desktop is prone to multiple information-disclosure vulnerabilities. Successfully exploiting these issues allows an attacker to gain access to potentially sensitive information; this may lead to other attacks. The following problems exist in the implementation of CSD, which may lead to the leakage of sensitive information related to SSL VPN sessions. Windows Page File Information Leakage Due to the way the Windows virtual memory subsystem operates, virtual physical memory used by any application, including in the Secure Desktop process space, may be written to the page file. The Windows page file stores the contents of the physical memory paged out without encryption, so data forensics tools can be used to recover the information paged out by the operating system. Due to this mechanism, CSD may not be able to delete all data generated and accessed in the SSL VPN session after the VPN session is terminated

Trust: 1.98

sources: NVD: CVE-2006-5393 // JVNDB: JVNDB-2006-001400 // BID: 20410 // VULHUB: VHN-21501

AFFECTED PRODUCTS

vendor:	cisco	model:	secure desktop	scope:	-	version:	-	Trust: 1.4
vendor:	cisco	model:	secure desktop	scope:	eq	version:	*	Trust: 1.0
vendor:	cisco	model:	secure desktop	scope:	eq	version:	3.1.1	Trust: 0.3
vendor:	cisco	model:	secure desktop	scope:	eq	version:	3.1	Trust: 0.3

sources: BID: 20410 // JVNDB: JVNDB-2006-001400 // CNNVD: CNNVD-200610-330 // NVD: CVE-2006-5393

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2006-5393
value:	LOW
Trust: 1.0
NVD:	CVE-2006-5393
value:	LOW
Trust: 0.8
CNNVD:	CNNVD-200610-330
value:	LOW
Trust: 0.6
VULHUB:	VHN-21501
value:	LOW
Trust: 0.1

nvd@nist.gov:	CVE-2006-5393
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-21501
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-21501 // JVNDB: JVNDB-2006-001400 // CNNVD: CNNVD-200610-330 // NVD: CVE-2006-5393

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2006-5393

THREAT TYPE

local

Trust: 0.9

sources: BID: 20410 // CNNVD: CNNVD-200610-330

TYPE

Design Error

Trust: 0.9

sources: BID: 20410 // CNNVD: CNNVD-200610-330

CONFIGURATIONS

sources: JVNDB: JVNDB-2006-001400

PATCH

title:

cisco-sa-20061009-csd

url:

http://www.cisco.com/en/US/products/csa/cisco-sa-20061009-csd.html

Trust: 0.8

sources: JVNDB: JVNDB-2006-001400

EXTERNAL IDS

db:	NVD	id:	CVE-2006-5393	Trust: 2.8
db:	BID	id:	20410	Trust: 2.0
db:	SECTRACK	id:	1017018	Trust: 1.7
db:	JVNDB	id:	JVNDB-2006-001400	Trust: 0.8
db:	CNNVD	id:	CNNVD-200610-330	Trust: 0.7
db:	CISCO	id:	20061009 LIMITATIONS IN CISCO SECURE DESKTOP	Trust: 0.6
db:	VULHUB	id:	VHN-21501	Trust: 0.1

sources: VULHUB: VHN-21501 // BID: 20410 // JVNDB: JVNDB-2006-001400 // CNNVD: CNNVD-200610-330 // NVD: CVE-2006-5393

REFERENCES

url:	http://www.securityfocus.com/bid/20410	Trust: 1.7
url:	http://www.cisco.com/en/us/products/products_security_advisory09186a0080754f34.shtml	Trust: 1.7
url:	http://securitytracker.com/id?1017018	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-5393	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-5393	Trust: 0.8
url:	http://www.cisco.com/en/us/products/ps6742/tsd_products_support_series_home.html	Trust: 0.3
url:	http://www.cisco.com/en/us/products/ps6742/products_configuration_guide_chapter09186a00805f9f42.html#wp1041681	Trust: 0.3
url:	http://support.microsoft.com/kb/314834/en-us/	Trust: 0.3
url:	http://support.microsoft.com/kb/182086/en-us/	Trust: 0.3
url:	http://www.cisco.com/warp/public/707/cisco-sa-20061009-csd.shtml	Trust: 0.3

sources: VULHUB: VHN-21501 // BID: 20410 // JVNDB: JVNDB-2006-001400 // CNNVD: CNNVD-200610-330 // NVD: CVE-2006-5393

CREDITS

ManTech International Corporation※http://www.mantech.com/

Trust: 0.6

sources: CNNVD: CNNVD-200610-330

SOURCES

db:	VULHUB	id:	VHN-21501
db:	BID	id:	20410
db:	JVNDB	id:	JVNDB-2006-001400
db:	CNNVD	id:	CNNVD-200610-330
db:	NVD	id:	CVE-2006-5393

LAST UPDATE DATE

2024-08-14T14:41:57.761000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-21501	date:	2008-09-05T00:00:00
db:	BID	id:	20410	date:	2016-07-06T14:06:00
db:	JVNDB	id:	JVNDB-2006-001400	date:	2012-06-26T00:00:00
db:	CNNVD	id:	CNNVD-200610-330	date:	2006-10-20T00:00:00
db:	NVD	id:	CVE-2006-5393	date:	2008-09-05T21:12:09.467

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-21501	date:	2006-10-18T00:00:00
db:	BID	id:	20410	date:	2006-10-09T00:00:00
db:	JVNDB	id:	JVNDB-2006-001400	date:	2012-06-26T00:00:00
db:	CNNVD	id:	CNNVD-200610-330	date:	2006-10-18T00:00:00
db:	NVD	id:	CVE-2006-5393	date:	2006-10-18T19:07:00